Reference: CERT-EU Security Advisory 2012-0039

Title: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module [1]

Version history:
16.03.2012 Initial publication

Summary
=======

These issues allow remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441. [2]

CVE-2012-0353

CVSS v2 Base Score: 7.1 (HIGH) (AV:N/AC:M/Au:N/C:N/I:N/A:C) [3]

Vulnerable systems
==================

Cisco ASA 5500 Series Adaptive Security Appliances
Cisco Catalyst 6500 Series ASA Services Module
Cisco PIX Security Appliances

Original Details
================

Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) are affected by the following vulnerabilities: [1]

* Cisco ASA UDP Inspection Engine Denial of Service Vulnerability
* Cisco ASA Threat Detection Denial of Service Vulnerability
* Cisco ASA Syslog Message 305006 Denial of Service Vulnerability
* Protocol-Independent Multicast Denial of Service Vulnerability

Cisco PIX Security Appliances may be affected by some of the vulnerabilities described in the security advisory. [1]

What can you do?
================

Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities. [1]

What to tell your users?
========================

N/A

More information
================

[1] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa
[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0353
[3] Information about CVSS: http://www.first.org/cvss/cvss-guide.html

Best regards,
CERT-EU

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383

(DISCLAIMER: CERT-EU, the CERT for the EU institutions, is currently in its setup phase, until May 2012. Services are provided in a pilot fashion, and are not yet fully functional. Announcements, alerts and warnings are sent out in best effort manner, and to contact information currently known to us. We apologise if you are not the correct recipient, or if you had already been warned about this issue from another source. Format, content and way of alerting are subject to change in the future. Contact information or even the team name may change as well.)